package com.vogue.meeting.common.security.exception;

import com.vogue.meeting.common.web.domain.Result;
import com.vogue.meeting.common.web.domain.ResultCode;
import org.springframework.http.converter.json.Jackson2ObjectMapperBuilder;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.stereotype.Component;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 *自定义访问被拒绝消息
 */
@Component
public class CustomAccessDeniedHandler implements AccessDeniedHandler {

    @Override
    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {
        //资源服务异常处理  没有权限自定义处理
        response.setHeader("Content-type","application/json;charset=UTF-8");
        response.setCharacterEncoding("UTF-8");
        response.getWriter().write(Jackson2ObjectMapperBuilder.json().build().writeValueAsString(Result.failure(ResultCode.NOT_PERMISSION)));
    }
}
